Payment Gateway
A reusable, merchant-facing hosted checkout platform at pay.oualidg.dev. Multi-tenant, provider-agnostic, and built for async confirmation flows.
What this will be
The Utility Account System proved out the core payment mechanics — idempotency, RBAC, audit trails. The Payment Gateway takes that further: a platform that multiple merchant applications can plug into, each with their own provider configuration, branding, and webhook endpoint.
The first merchant will be the Utility Account system itself, which will migrate from its internal payment processor to the hosted checkout. This gives the gateway a real integration test from day one.
Design decisions in progress
Kafka for async merchant callbacks
Payment confirmation is asynchronous by nature — Safaricom, card networks, and bank rails all confirm out-of-band. Kafka is chosen over RabbitMQ here because merchant webhook delivery needs replay capability and consumer-group isolation: a slow merchant webhook handler should not block another merchant's confirmations.
Redis for session storage
Hosted checkout sessions (the payment intent, the payer's progress through the flow) are stored in Redis with a short TTL. This keeps the checkout stateless at the application layer and allows horizontal scaling without sticky sessions.
Mock Card Provider for MVP
The MVP ships with a Mock Card Provider that simulates authorisation, capture, and decline flows deterministically. This lets the merchant integration be fully tested end-to-end before connecting a real card acquirer.